School Event Management System Project: >> School Event Management System >> 1.0 Security Vulnerabilities
School Event Management System 1.0 allows Arbitrary File Upload via event/controller.php?action=photos.
CVSS Score
9.8
EPSS Score
0.21
Published
2018-11-16
School Event Management System 1.0 allows CSRF via user/controller.php?action=edit.
CVSS Score
8.8
EPSS Score
0.002
Published
2018-11-16
School Event Management System 1.0 has SQL Injection via the student/index.php or event/index.php id parameter.
CVSS Score
9.8
EPSS Score
0.03
Published
2018-11-16